Defending Against Stealthy Botnets

Bagath Basha*, N. Sankar Ram**, Paul Rodrigues***, L. Ranjith****
* Department of Computer Science & Engineering, Velammal Engineering College, Chennai.
** Department of Computer Science & Engineering, Velammal Engineering College, Chennai.
*** Professor & Dean, Department of Computer Science & Engineering, Hindustan University, Chennai.
**** Assistant Professor, TIFAC CORE, Velammal Engineering College, Chennai.
Periodicity: April - June 2010
DOI: https://doi.org/10.26634/jse.4.4.1176

Abstract

Global Internet threats are rapidly evolving from attacks designed solely to disable infrastructure to those that also target people and organizations. This alarming new class of attacks directly impacts the day-to-day lives of millions of people and endangers businesses and governments around the world. For example, computer users are assailed with spyware that snoops on confidential information, spam that floods email accounts, and phishing scams that steal identities. At the center of many of these attacks is a large pool of compromised computers located in homes, schools, businesses, and governments around the world.

In this paper, the authors provide a detailed overview of current botnet technology and defense by exploring the intersection between existing botnet research, the evolution of botnets themselves, and the goals and perspectives of various types of networks. The authors also describe the invariant nature of botnet behavior in various phases, and how different kinds of networks have access to different types of visibility, which strongly affects the effectiveness of any botnet detection mechanism. A comprehensive picture of the various botnet detection techniques that have been proposed is provided. Finally, the paper summarizes the survey and suggests future directions.

Keywords

Command and Control, Internet Relay Chat, Distributed Denial of Service and Peer-To-Peer.

How to Cite this Article?

Bagath Basha, N. Sankar Ram, Paul Rodrigues and Ranjith (2010). Defending Against Stealthy Botnets. i-manager’s Journal on Software Engineering, 4(4), 40-49. https://doi.org/10.26634/jse.4.4.1176
